From b0782a62b34a8343968a456ed754f55cc41daf0f Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 7 May 2014 15:49:27 +0200
Subject: add customized HttpClient which can use the MOA Truststore to verfiy
 SSL connections

---
 .../apache/commons/httpclient/MOAHttpClient.java   | 100 +++++++++++++++++++++
 1 file changed, 100 insertions(+)
 create mode 100644 id/server/moa-id-commons/src/main/java/org/apache/commons/httpclient/MOAHttpClient.java

(limited to 'id/server/moa-id-commons/src/main/java/org')

diff --git a/id/server/moa-id-commons/src/main/java/org/apache/commons/httpclient/MOAHttpClient.java b/id/server/moa-id-commons/src/main/java/org/apache/commons/httpclient/MOAHttpClient.java
new file mode 100644
index 000000000..e4aa6a284
--- /dev/null
+++ b/id/server/moa-id-commons/src/main/java/org/apache/commons/httpclient/MOAHttpClient.java
@@ -0,0 +1,100 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package org.apache.commons.httpclient;
+
+import java.io.IOException;
+import java.net.MalformedURLException;
+import java.net.URL;
+
+import org.apache.commons.httpclient.HostConfiguration;
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.HttpException;
+import org.apache.commons.httpclient.HttpMethod;
+import org.apache.commons.httpclient.HttpMethodDirector;
+import org.apache.commons.httpclient.HttpState;
+import org.apache.commons.httpclient.URI;
+import org.apache.commons.httpclient.protocol.Protocol;
+import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
+
+import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException;
+
+/**
+ * @author tlenz
+ *
+ *HTTP client which can be used with MOA SSL TrustStore implementation
+ * 
+ */
+public class MOAHttpClient extends HttpClient {
+
+	
+	public void setCustomSSLTrustStore(String metadataURL, SecureProtocolSocketFactory protoSocketFactory) throws MOAHttpProtocolSocketFactoryException, MalformedURLException {
+		;
+		
+		URL url = new URL(metadataURL);	
+		int port = -1;
+		if (url.getPort() < 0)
+			port = url.getDefaultPort();
+		else
+			port = url.getPort();
+				
+		Protocol authhttps = new Protocol("https", protoSocketFactory, port);
+		getHostConfiguration().setHost(url.getHost(), port, authhttps);
+		
+	}
+	
+    public int executeMethod(HostConfiguration hostconfig, 
+            final HttpMethod method, final HttpState state)
+            throws IOException, HttpException  {
+                
+            if (method == null) {
+                throw new IllegalArgumentException("HttpMethod parameter may not be null");
+            }
+            HostConfiguration defaulthostconfig = getHostConfiguration();
+            if (hostconfig == null) {
+                hostconfig = defaulthostconfig;
+            }
+            URI uri = method.getURI(); 
+            if (hostconfig == defaulthostconfig || uri.isAbsoluteURI()) {
+                // make a deep copy of the host defaults
+                hostconfig = (HostConfiguration) hostconfig.clone();
+                
+                /**
+                 * Only build default host with default protocol if protocol is empty
+                 * 
+                 * In case of https, the methode setCustomSSLTrustStore can be used to set a
+                 * the MOA TrustStore for SSL connection validation
+                 */
+                if (uri.isAbsoluteURI() && hostconfig.getProtocol() == null) {
+                    hostconfig.setHost(uri);
+                }
+           }
+            
+            HttpMethodDirector methodDirector = new HttpMethodDirector(
+                    getHttpConnectionManager(),
+                    hostconfig,
+                    getParams(),
+                    (state == null ? getState() : state));
+            methodDirector.executeMethod(method);
+            return method.getStatusCode();
+        }
+}
-- 
cgit v1.2.3